package cn.hchaojie.boot.web;

import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
public class AdminController {
	@RequestMapping("/admin/users")
	public String admin() {
		return "users";
	}

	@RequestMapping("/sales/users")
	public String sales() {
		return "sales";
	}
	
	@RequestMapping("/root")
	@PreAuthorize("hasRole('admin')")
	public String root() {
		return "root";
	}

	@RequestMapping("/order")
	@PreAuthorize("hasRole('sales')")
	public String order() {
		return "order";
	}
}
